![]() ![]() |
Dec 6 2007, 11:38 PM
Post
#1
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,590 Joined: 31-December 06 Member No.: 10,502 |
So there is always the system without patrol IC where you hack in as admin and have a jolly good time. Great for things you don't want to spend much time on in game.
Alright but what about when you do have patrolling IC. First how often do you have it roll against the player? Is there any way to completly stop it from finding you. Also what if at some point you get into a fight with an IC and crash it. Seems like it should just reboot. Anyway to stop that. Also is there any way to stop a system from shutting down? |
|
|
|
Dec 6 2007, 11:46 PM
Post
#2
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
|
|
|
|
Dec 6 2007, 11:54 PM
Post
#3
|
|
|
Moving Target ![]() ![]() Group: Members Posts: 385 Joined: 20-August 07 Member No.: 12,766 |
I always see this as a matter of intrusion. If you're using an established account that you've either had someone on the inside make, or skillfully inserted yourself, then it should either be indefinite, or measured in weeks for a target's security review mechanisms to realize the problem. On the other hand, if you just right-hooked your way in, then the classic hacker adage applies: "The longer you stay in a system, the greater the chance of detection, regardless of activity."
|
|
|
|
Dec 7 2007, 01:17 AM
Post
#4
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,590 Joined: 31-December 06 Member No.: 10,502 |
So you figure if you hack in and then spend the time to give yourself and actual password and the like. Then log out and log in again using that the IC will simply regard you as a normal user regardless of activity.
I guess that makes sense. |
|
|
|
Dec 7 2007, 01:36 AM
Post
#5
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
Still, if a legitimate account begins to perform actions that it's not authorized to perform, patrolling IC might still raise an alarm.
|
|
|
|
Dec 7 2007, 01:38 AM
Post
#6
|
|||
|
Great Dragon ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 7,089 Joined: 4-October 05 Member No.: 7,813 |
sure, but if you can create an account, you'd be stupid to create anything other than an account that can do what you want to be able to do (and if you can't create such an account, then why are you wasting time creating an account at all?) |
||
|
|
|||
Dec 7 2007, 01:51 AM
Post
#7
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
Hindsight is always 20/20. Foresight, on the other hand, is a little more fuzzy. I've seen people create an account to control cameras and, half way through handling the cameras, alarms are triggered by the rest of the team and the hacker's got to work outside the box to get the alarms canceled. That's an action outside the things that the account was originally created to do, so IC gets a chance to notice.
Rhe other option is, of course, to create an administrative or super user account, I suppose, and give it the right to do everything, but there are people who probably know or can determine how many of those accounts there should be. There might even be dedicated IC doing nothing but watching the user accounts to make sure that no one does such a thing. I guess I just hate giving away a free lunch. Just cause you've got it easy for a some quanta of time (while you legitimately use your legitimate account) doesn't mean that the other shoe won't drop if you step out of line or if you get unlucky. |
|
|
|
Dec 7 2007, 09:32 AM
Post
#8
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 3,009 Joined: 25-September 06 From: Paris, France Member No.: 9,466 |
It's up to the GM for now.
Personally, I like to compare the Matrix plane with the physical plane, so I handle ICE more or less like drones in a building. They patrol, and if they see you they can identify you as a threat, ignore you, ask to check your ID... You can't exactly prevent it from finding you, but you can either hide from them (using the Stealth program), you can impersonate a legitimate user (using the Spoof program the way you use it to spoof commands to an agent) or you can crash it. As for crashing it, I consider that the IC program is still running, but may be frozen, or acting inefficiently. The system won't be able to notice it, so you'll need a security hacker to reload it. |
|
|
|
Dec 7 2007, 12:23 PM
Post
#9
|
|||
|
Hoppelhäschen 5000 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
Uh, actually, if you try to perform actions not allowed for your access level, you simply fail. That's why you can hack different access levels. |
||
|
|
|||
Dec 7 2007, 02:37 PM
Post
#10
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
@Rotbart,
True, but a hacker with a legitimate account could use their skills to attempt actions for which they're not authorized. That is, in essence, what Hacking does, at least in my games. So if you've hacked your way into a janitorial account, you might be able to open and close doors, control lights, get into storage areas that might be off-limits to the general employees, but the second you try to go outside that account's privileges (a) you stop using the Computer skill and switch to Hacking and (b) you might get seen by IC. In other words, if you have account A and you try to hack it up to an account B with better privileges (even only temporarily, like for one action) then you might get caught. |
|
|
|
Dec 7 2007, 08:21 PM
Post
#11
|
|||
|
Moving Target ![]() ![]() Group: Members Posts: 398 Joined: 16-August 06 Member No.: 9,130 |
All of this is abstracted and uses an IC rating+Analyze, System+Analyze, or Computer+Analyze. That is the only way to notice something illegitimate. As soon as you start making special exceptions for one scenario you have to make special exceptions for all others. In SR4 there is no such thing as IC, Spiders, or Nodes keeping track of user accounts or many of the other things a Security Analyst or Hacker of today would do, at least not expressly. Checking user accounts or any other such thing is just simply an analyze action. Such things are inclusive in the fluff, and not the mechanics of gameplay. Fluff can only affect mechanics in a way which the mechanics expressly define, otherwise you are playing with a different set of rules than everyone else at the table. Thusly, you would then create a House Rule for such an occasion. In this case, I find such a House Rule entirely unnecessary because it is a purview already covered in the rules, while not expressly covered it is abstractly. |
||
|
|
|||
Dec 7 2007, 08:23 PM
Post
#12
|
|
|
Technomancer ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: Retired Admins Posts: 4,638 Joined: 2-October 02 From: Champaign, IL Member No.: 3,374 |
The roll is the same in all cases, yes, but the motivation for the roll doesn't have to be.
|
|
|
|
Dec 7 2007, 08:40 PM
Post
#13
|
|||
|
Moving Target ![]() ![]() Group: Members Posts: 398 Joined: 16-August 06 Member No.: 9,130 |
Oh ok, it looks like I just completely misunderstood you then. |
||
|
|
|||
Dec 8 2007, 03:56 AM
Post
#14
|
|
|
Runner ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 2,590 Joined: 31-December 06 Member No.: 10,502 |
Alright so you're saying that you could hack yourself up a new account and log in with that. But the active IC will be scanning the file at some point. And per how I read p217 the IC would roll analyze+rating vs Hacking/Computer+Edit. Probably on one success it just knows something is wrong with the file. On more successes it would be able to cross check promotion records or something and figure out exactly which entry was false.
So essentially you're back to the question of how long is it before the IC scans the file and how often it will do so. That and I suppose modifiers. A file like that probably wouldn't have any, but maybe a file that isn't cross referenced or anything would have a penatly to detect the editing. |
|
|
|
Dec 8 2007, 05:10 AM
Post
#15
|
|
|
Moving Target ![]() ![]() Group: Members Posts: 861 Joined: 27-November 07 Member No.: 14,397 |
The 'how often' thing is really up to you, but should be based on the importance of the data in question and overall security of the system. If your looking at joe SINner's commlink, your not likely to be challenged at all if you can get in in the first place, maybe daily or weekly exams of various data, but that would be about it.
Now, if your talking novatech's systems, your looking at verying times based on what the data is. Unimportant data generated by employees (personal data, e-mails, notes to self, unimportant projects, etc etc) would maybe be checked daily for errors. More important things like user accounts would maybe get an hourly check, and the super research data maybe every miniute. Of course this is just a rough idea, and it basicly comes down to this: How hard do you want the system to be for the hacker? But remember, the hacker is generally going to have at least several minutes between scans except for the absolute most vital data, and even then a minute or so, part of the reason being the following: "A processes importance is raited from 1 to 7, with 1 being the most important and having the most resources dedicated to it, and 7 being the least. A word program would be a likely example of something with a 7. The process for keeping track of and adjusting for the heat at a nuclear plant would be an example of a 2" - Pulled roughly from a friend's CS collage textbook. His question after reading this of course was "What the heck gets a 1 then?" Just goes to prove that even absurdly important things tend to have things above them. |
|
|
|
![]() ![]() |
|
Lo-Fi Version | Time is now: 7th July 2026 - 11:11 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.